Pitfalls of open source licensing and how to avoid them

by Jason Tee

Not all open-source licenses are created equal, and if an organization doesn't pay enough attention to the fine print, they may be looking at a cease and desist letter. Here we provide some advice for organizations looking to ensure that they are in full compliance with their open source licenses.

Have you ever met an open source evangelist? These guys have a mantra of faster-better-cheaper that they chirrup so often that it comes out sounding like a single word. But as anyone who’s familiar with both Linux and Java knows, the term open source software (OSS) leaves plenty of room for interpretation. It’s kind of like how free has become a four-letter word in the sales industry, as customers no longer believe it. You get emailed offers all the time for a free twenty-dollar gift card to Lowe’s or Target, but you have to subscribe to four different magazines you’ll never read to get it. In the same way, the use of open source in software development comes with all kinds of fine print that can put an organization in a pickle.

The open source risk

TheServerSide asked Dave Gruber (@davegruber5), the director of product marketing at Black Duck Software Inc., about this problem. He admitted that enterprises often fail to understand what they’re getting into. Open source governance is one of the consulting services his company offers precisely because it can be so complicated to navigate these murky waters. There’s no typical approach to dealing with this issue. According to Gruber, “The strategy we recommend to a specific client depends on which licenses apply to the use cases within their organization.”

Each deployment scenario has different requirements and enterprises must map their license styles accordingly. Gruber points out that there’s no shortage of available open source licenses. There are plenty of choices. In the end, it’s not about which licenses you choose so much as understanding how the different components of these licenses are relevant to your organization.

Understanding licensing terms

Part of the freedom of open source development is in the ability of authors to create whatever license terms they like. For example, the terms and conditions might stipulate that a particular piece of code may not be used in a specific application or environment. The developer of that code might not want it used in medical devices because of liability issues. But the terms don’t have to make sense, either. There’s nothing to stop the creator of a brilliant piece of open source code from dictating that you can’t use it unless you adopt a long-haired orange cat and name it after their dear departed grandma. In fact, terms of use that are opaque or that don’t seem relevant are often simply ignored.

Is there a risk or downside associated with using a license that doesn’t cover the way you’re actually using open source in your business? If you violate the basic terms, you can get served with a cease and desist order, sued, or otherwise stuck in a long legal battle over your open source. However, Dave says that this “doesn’t become a problem” when an enterprise enters into a licensing agreement with their eyes open and monitors the use of open source throughout their software lifecycle. So, there’s really nothing to fear - unless Google and Oracle decide to sue you over patent infringement with Java usage in Android.

Has open source licensing ever got your company into trouble? Let us know about your good and bad experiences with OSS.
